Ukuphepha kwewebhusayithi manje kubaluleke kakhulu kunangaphambili. Kungashiwo okufanayo nge- Isitifiketi se-SSL, kungakhathaliseki ukuthi isitifiketi esikhokhelwayo noma samahhala se-SSL. Mhlawumbe uyabuza ukuthi kungani. Njengoba izinsongo ze-cyber zikhula njalo, ukuqinisekisa ukuthi iwebhusayithi yakho ivikelekile sekuyinto ehamba phambili emabhizinisini nakubantu ngabanye. Isici esisodwa esibalulekile sokuphepha kwewebhusayithi yisitifiketi se-SSL.

Siyaqonda ukuthi ungase ube nesidingo esiphuthumayo somhlahlandlela wokuthi ungathuthukisa kanjani ukuphepha kwewebhusayithi yakho futhi uvikele imininingwane yokuxhumana noma idatha yomuntu siqu yamakhasimende akho. Ngakho-ke, sizokusiza ngakho konke odinga ukukwazi mayelana nezitifiketi ze-SSL, okuhlanganisa ukuthi zisebenza kanjani, ukuthi uzibheka kanjani, namathiphu okuthuthukisa ukuphepha kwewebhusayithi.

Noma ngabe ungumnikazi wewebhusayithi, umthuthukisi, noma othile onentshisekelo kwezokuphepha kwewebhusayithi, lesi sihloko sizohlinzeka ngemininingwane ebalulekile nezeluleko ezisebenzayo zokukusiza ukuthi uvikele iwebhusayithi yakho. Asicwilise phakathi.

Sisebenza kanjani Isitifiketi se-SSL

Izitifiketi ze-SSL zibhala ngemfihlo idatha edluliswa phakathi kwewebhusayithi nabasebenzisi bayo. Inqubo ye-SSL/TLS (Transport Layer Security) iyisisekelo sesitifiketi se-SSL. Inqubo ibandakanya isiphequluli esicela iseva ukuthi iqalise ukuxhumana okuphephile. Ngaphezu kwalokho, ukuxhawula kwe-TLS kubandakanya izinyathelo ezimbalwa, okuhlanganisa ukuxoxisana ngokubethela kanye nokushintshisana okubalulekile, ukuze kuqinisekiswe ukuxhumana okuphephile phakathi kwezinhlangothi ezithintekayo.

Isibonelo, lapho abasebenzisi bevakashela iwebhusayithi yakho, isiphequluli sabo siqala ukuxhawula i-TLS neseva yakho yewebhu. Iseva yakho ibe isiphendula ngokuthumela isitifiketi sayo se-SSL esipheqululini, siqinisekisa ubuqiniso baso. Uma isitifiketi sesiqinisekisiwe, isiphequluli sakho neseva zisungula ukuxhumana okuphephile futhi zibethele idatha edluliswa phakathi kwazo.

Izitifiketi Zesizinda Esiqinisekisiwe (i-DV) ziyizinga eliyisisekelo kakhulu lokuqinisekisa noma uhlobo lwesitifiketi se-SSL. Nokho, baqinisekisa kuphela ubunikazi besizinda. Izitifiketi Zenhlangano Eqinisekisiwe (i-OV) Nokuqinisekisa Okunwetshiwe (EV) zidinga izinyathelo zokuqinisekisa ezengeziwe, njengokuqinisekisa ubunikazi benhlangano nesimo somthetho.

Ngaphezu kwalokho, kukhona izitifiketi ze-Wildcard ne-Multi-domain SSL. Isitifiketi esijwayelekile se-Wildcard sivikela zonke izizinda ezingaphansi kwesizinda esithile. Ngakolunye uhlangothi, isitifiketi se-Multi-Domain singavikela izizinda eziningi ngesitifiketi esisodwa.

Yiziphi kulezi zitifiketi ze-SSL ezifanele noma ezisebenza kuwe? Ukuqonda izinhlobo ezihlukene zesitifiketi se-SSL kuyadingeka ukuze sikusize ukhethe esifanele izidingo zewebhusayithi yakho.

Ungazibheka Kanjani Izitifiketi ze-SSL

Ukuhlola isitifiketi se-SSL sewebhusayithi yakho kubalulekile ukuze uqinisekise ukuphepha kwewebhusayithi yakho. Ngakho-ke, ubheka kanjani izitifiketi zakho ze-SSL? Kunezindlela ezimbalwa zokuhlola izitifiketi ze-SSL ukuze uqinisekise ukuphepha kwewebhusayithi.

Enye indlela ukusebenzisa izinkomba zokuphepha zesiphequluli. Isiphequluli sizobonisa isithonjana se-padlock kubha yekheli ukukhombisa ukuthi iwebhusayithi yakho ivikelwe nge-SSL. Uma uchofoza ilokhi, ungabuka imininingwane yesitifiketi sakho futhi uqinisekise ubuqiniso besitifiketi.

Enye indlela ukusebenzisa amathuluzi okuqinisekisa isitifiketi se-SSL aku-inthanethi. Lawa mathuluzi angahlinzeka ngolwazi olwengeziwe mayelana nesitifiketi sakho, njengosuku lwaso lokuphelelwa yisikhathi kanye nomkhiphi. Bangaphinde bakuxwayise uma isitifiketi sakho singavumelekile noma uma isizinda sewebhusayithi yakho singafani nesitifiketi.

Ngaphezu kwalokho, ungasebenzisa futhi amathuluzi omugqa womyalo ukuhlola izitifiketi ze-SSL. Isibonelo, ungasebenzisa i-OpenSSL, ithuluzi elisetshenziswa kakhulu ukuhlola imininingwane yesitifiketi se-SSL sewebhusayithi, okuhlanganisa idethi yokuphelelwa yisikhathi, okhiphayo, nochungechunge lwesitifiketi.

Ukuhlola isitifiketi se-SSL sewebhusayithi usebenzisa i-OpenSSL, ungasebenzisa umyalo olandelayo kutheminali yakho, esikhundleni sika-“example.com” ufake iwebhusayithi ofuna ukuyihlola. Lo myalo uzokubonisa imininingwane enemininingwane mayelana nesitifiketi sakho se-SSL, okuhlanganisa nosuku lwaso lokuphelelwa yisikhathi kanye nesikhiphi.

openssl s_client -xhuma isibonelo.com:443

Kubalulekile futhi ukuthi uhlole usuku lokuphelelwa yisikhathi kwesitifiketi sakho se-SSL njalo. Izitifiketi ze-SSL ngokuvamile ziphelelwa yisikhathi ngemva konyaka owodwa noma emibili, kuye ngohlobo lwesitifiketi nomkhiphi. Uma isitifiketi sakho se-SSL siphelelwe yisikhathi, iwebhusayithi yakho izobonisa umlayezo oyisixwayiso, futhi abasebenzisi bazobona umlayezo oyisixwayiso. Kodwa kungenzeka ukuthi uyeqe futhi uxhume kuwebhusayithi.

Amathiphu Okuthuthukisa Ukuvikeleka Kwewebhusayithi

Nakuba izitifiketi ze-SSL zidlala indima ebalulekile ekuvikelekeni kwewebhusayithi, ziyingxenye kuphela yesu eliphelele lokuphepha. Nawa amanye amathiphu angeziwe ahloliwe nathenjwayo okuthuthukisa ukuphepha kwewebhusayithi yakho:

Thuthukisa izinqubo zokufaka amakhodi ezivikelekile

Ukuthuthukisa imikhuba yokubhala ikhodi evikelekile kubalulekile ukuze uthuthukise ukuphepha kwewebhusayithi yakho. Kubandakanya ukulandela izinqubo ezihamba phambili zomkhakha, njengokugwema ubungozi obaziwayo, ukusebenzisa amasu okubhala amakhodi avikelekile, kanye nokwenza ukubuyekezwa kwekhodi ukuze kuhlonzwe futhi kulungiswe izinkinga zokuphepha. Ngenxa yalokho, ukusebenzisa izinqubo zokufaka amakhodi ezivikelekile kuzosiza ukuvimbela ukuhlaselwa kwewebhu okuvamile, okufana ne-cross-site scripting (XSS) kanye nomjovo we-SQL, okungafaka engozini ukuphepha kwewebhusayithi yakho.

Sebenzisa izinqubo zokulondoloza idatha ezivikelekile

Ukusebenzisa izinqubo ezivikelekile zokugcinwa kwedatha nakho kuyadingeka ekuvikelekeni kwewebhusayithi. Idatha ebucayi, efana nemininingwane yokungena komsebenzisi kanye nenkokhelo nolwazi lokuxhumana, kufanele ibethelwe kusetshenziswa ama-algorithms wokubethela asezingeni lomkhakha njenge-AES noma i-RSA. Ukwengeza, qiniseka ukuthi ugcina idatha kusizindalwazi esivikelekile esivikelwe ekufinyeleleni okungagunyaziwe, njengokusebenzisa izindonga zokuvikela nezilawuli zokufinyelela.

Sebenzisa i-firewall yesicelo sewebhu (WAF)

Ukusebenzisa i-web application firewall (WAF) kungenye indlela esebenzayo yokuthuthukisa ukuphepha kwewebhusayithi yakho. I-WAF ingavikela iwebhusayithi yakho ekuhlaselweni okujwayelekile kwewebhu ngokuqapha nokuhlunga ithrafikhi engenayo kuwebhusayithi yakho. Ingavimba amakheli e-IP aziwayo, ivimbele ukuhlaselwa kwe-cross-site scripting (XSS), futhi ivimbe imizamo yokujova i-SQL.

Yenza ukuhlolwa kokuphepha okujwayelekile kanye nezibuyekezo

Ukwenza ukuhlolwa kokuphepha okujwayelekile kanye nezibuyekezo nakho kubalulekile ukugcina ukuphepha kwewebhusayithi. Ukuhlola njalo ukuvikeleka kwewebhusayithi yakho kubandakanya ukuhlola iwebhusayithi yakho ukuze uthole ubungozi obaziwayo kanye nokuhlonza noma yiziphi izinkinga zokuphepha okufanele uzilungise. Ukubuyekeza noma iyiphi isofthiwe noma ama-plugin ezinguqulweni zawo zakamuva nakho kungasiza ekuvimbeleni ukuxhashazwa abahlaseli.

Isiphetho

Izitifiketi ze-SSL zibalulekile ekuvikelekeni kwewebhusayithi, futhi kubalulekile ukuzihlola njalo ukuze uqinisekise ukuthi iwebhusayithi yakho ivikelekile. Nokho, ukuthuthukisa ukuphepha kwewebhusayithi kuhilela okungaphezu nje kokusebenzisa izitifiketi ze-SSL. Noma kunjalo, ungathuthukisa kakhulu ukuvikeleka kwewebhusayithi yakho ngokulandela nokusebenzisa izinqubo ezivikelekile zokufaka amakhodi nokugcinwa kwedatha, usebenzisa i-firewall yohlelo lokusebenza lwewebhu, futhi wenze ukuhlola kokuphepha okujwayelekile kanye nezibuyekezo.

Ngaphezu kwalokho, uzovikela iwebhusayithi yakho ezingozini ezingaba khona futhi uvikele idatha yomuntu siqu ebucayi yabasebenzisi bakho. Okokugcina, khumbula ukuthi ukuvikela iwebhusayithi yakho kuyinqubo eqhubekayo futhi kubalulekile ukuze uhlale unolwazi lwakamuva ngezinqubo zakamuva zokuphepha nezinsongo. Ngakho, uzokwakha ukwethembana kubasebenzisi bakho futhi uvikele ubukhona bakho ku-inthanethi ngokuthatha izinyathelo ezidingekayo ukuze uvikele iwebhusayithi yakho.